CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4545 matches found

OSV•added 2021/03/05 10:15 a.m.•0 views

CVE-2021-20664

Cross-site scripting vulnerability in in Asset registration screen of Movable Type 7 r.4705 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.4705 and earlier Movable Type Advanced 7 Series, Movable Type 6.7.5 and earlier Movable Type 6.7 Series, Movable Type Premium 1.39 and earlier,...

6.1CVSS6.5AI score

Exploits0References2

OSV•added 2021/03/02 5:15 p.m.•1 views

CVE-2020-23518

Cross Site Scripting XSS vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM Software up to version 3.5 which allows remote attackers to inject arbitrary web script or HTML...

5.4CVSS6.2AI score0.00167EPSS

Exploits2References1

OSV•added 2021/01/28 11:15 a.m.•0 views

CVE-2021-20620

Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.9AI score0.00464EPSS

Exploits0References3

OSV•added 2021/01/28 11:15 a.m.•1 views

CVE-2021-20622

Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.9AI score0.00464EPSS

Exploits0References3

CNNVD•added 2021/01/26 12:0 a.m.•2 views

Egavilan Media Bakeshop Online Ordering System Cross-Site Scripting Vulnerability

Egavilan Media Bakeshop Online Ordering System is a Javascript-based code repository from Egavilan Media that supports interaction with git repositories. A cross-site scripting vulnerability exists in Bakeshop Online Ordering System that could allow a remote attacker to inject arbitrary web scrip...

4.8CVSS5.9AI score0.00151EPSS

Exploits1References2

CNVD•added 2021/01/25 12:0 a.m.•6 views

WESEEK GROWI cross-site scripting vulnerability (CNVD-2021-16351)

WESEEK GROWI is a suite of team collaboration software from Weseek Japan. A cross-site scripting vulnerability exists in WESEEK GROWI, which can be exploited by a remote attacker to inject arbitrary script via an unspecified vector...

6.1CVSS6.2AI score0.00464EPSS

Exploits0References1

CNNVD•added 2021/01/19 12:0 a.m.•2 views

Rocketgenius Gravity Forms Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via imported GF forms...

4.8CVSS5.8AI score0.00242EPSS

Exploits0References2

CNVD•added 2021/01/09 12:0 a.m.•2 views

CuteSoft Cute Editor Cross-Site Scripting Vulnerability

CuteSoft Cute Editor is a U.S. CuteSoft company can be used to edit PHP and ASP HTML editor. A cross-site scripting vulnerability exists in Cute Editor for ASP.NET version 6.4, which allows remote attackers to execute scripts in the victim's web browser using specially crafted URLs...

6.1CVSS6.3AI score0.06813EPSS

Exploits1References1

OSV•added 2021/01/08 7:15 p.m.•1 views

DEBIAN-CVE-2020-16030

Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

6.1CVSS7.7AI score0.00265EPSS

Exploits0References1

OSV•added 2020/12/26 2:15 a.m.•0 views

CVE-2020-27515

A Cross Site Scripting XSS vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field...

6.1CVSS6.5AI score0.00538EPSS

Exploits1References3

CNVD•added 2020/12/25 12:0 a.m.•1 views

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2020-75161)

TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A cross-site scripting vulnerability exists in TerraMaster TOS 4.2.06 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the mod...

5.4CVSS6AI score0.00236EPSS

Exploits1References1

CNVD•added 2020/12/21 12:0 a.m.•3 views

Xinuos Openserver Cross-Site Scripting Vulnerability

Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...

6.1CVSS6AI score0.01051EPSS

Exploits3References1

CNNVD•added 2020/12/16 12:0 a.m.•1 views

DELL Dell EMC iDRAC9 Cross-Site Scripting Vulnerability

DELL Dell EMC iDRAC9 is a system management solution comprising hardware and software from Dell USA. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems. A cross-site scripting vulnerability exists in the Dell EMC iDRAC9 version 4.32.10.00 a...

6.1CVSS6.2AI score0.00301EPSS

Exploits0References2

OSV•added 2020/12/15 9:15 p.m.•1 views

CVE-2020-35416

Multiple cross-site scripting XSS vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage with different request parameters, allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.4AI score0.05165EPSS

Exploits4References3

OSV•added 2020/12/03 12:15 p.m.•0 views

CVE-2020-5638

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1CVSS6.2AI score

Exploits0References2

CNNVD•added 2020/12/03 12:0 a.m.•5 views

Desknets Neo Cross-Site Scripting Vulnerability

Desknets Neo is a remote office support software from Japanese company Desknets. A cross-site scripting vulnerability exists in desknets NEO, which originates from a vulnerability that allows remote attackers to inject arbitrary scripts via unspecified vectors. The following products and versions...

6.1CVSS5.8AI score0.00347EPSS

Exploits0References4

CNNVD•added 2020/12/01 12:0 a.m.•3 views

ThinkAdmin 跨站脚本漏洞

ThinkAdmin is a backend administration framework developed based on the latest ThinkPHP V6 , using the MIT protocol open source. thinkAdmin v1, v6 exists a stored cross-site scripting vulnerability. A remote attacker can use the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS6.1AI score0.00201EPSS

Exploits1References2

Positive Technologies•added 2020/12/01 12:0 a.m.•3 views

PT-2020-17141 · Thinkadmin · Thinkadmin

Name of the Vulnerable Software and Affected Versions: ThinkAdmin versions v1 through v6 Description: The issue allows remote attackers to inject an arbitrary web script or HTML, exploiting a stored XSS vulnerability. Recommendations: For ThinkAdmin versions v1 through v6, update to a version tha...

5.4CVSS5.2AI score0.00201EPSS

Exploits1References7

RedHat Linux•added 2020/11/04 1:31 a.m.•1 views

bootstrap: XSS in the affix configuration target property

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...

6.1CVSS6.8AI score0.09805EPSS

Exploits1References4

OSV•added 2020/10/28 7:15 p.m.•0 views

CVE-2020-27741

Multiple cross-site scripting XSS vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

6.1CVSS6.4AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by